Speech by SEC Staff:
Remarks at "Meet the Regulators"

by

Lori Richards

Director, Office of Compliance Inspections and Examinations
U.S. Securities & Exchange Commission

Mid-Atlantic Securities Forum
Philadelphia, Pennsylvania
March 21, 2002

Good morning.

Thank you for having me speak today. I want to thank my friend and colleague Ron Long, who put this conference together, and came up with the idea for a local conference designed to provide opportunities for those in the regulated community to meet and spend time with those of us in the regulatory agencies -- the Securities and Exchange Commission, the National Association of Securities Dealers, the states of Pennsylvania, New Jersey, Virginia, and Delaware, and the Philadelphia Stock Exchange. I must tell you what a terrific idea I think this forum is. I have always believed that our functions -- as professionals in the securities industry and as regulators -- are improved when we can discuss issues and learn from each other. It's my hope that this program might be a prototype for other such conferences in all areas of the country!

There is much for us to talk about -- certainly there are new rules that affect your operations that you must learn about. These include new rules for mutual funds, like rules on fund governance, using after-tax performance figures and on fund names. There is also a new on-line registration system for advisers -- the IARD. And, there are new rules for broker-dealers, including new books and records rules and rules designed to prevent conflicts of interests for analysts. And of course, both funds and broker-dealers will need to implement new compliance policies and procedures designed to prevent money laundering under the U.S. Patriot Act.

In addition to new obligations, I think that there are always new ways to ensure compliance with existing obligations. I am very interested in firms' ongoing efforts to build a "better mousetrap" in compliance controls, and particularly in the continuing development of automated compliance tools. I hope that there is time in the schedule today to talk about the compliance tools that work best for you.

Since this conference is entitled "Meet the Regulators," I'd like to talk broadly about my views and philosophy with respect to compliance, and why I believe that ensuring good compliance with the law and with ethical standards is critical, and why it's in your interests too. I also want to update you on some recent changes in the examination program.

Good Compliance Is Good Business

Let me start by talking a bit about what distinguishes so many firms in this industry -- good compliance. In a nutshell, I believe that what's good for investors is good for firms doing business for investors. Good compliance is and always will be, good business sense. This is certainly a notion you've heard before, but one that bears repeating when profits are down and there is more and more pressure on bottom-line results. It's in these times that competitive and profit pressures may impact decision-making more acutely than in good times. One may be tempted to cut corners, or to short-cut controls. Beware of this incentive. There are too many textbook examples of firms in all industries who let problems go undetected or uncorrected, only to suffer huge consequences later, even failure, when the problem manifested itself and created a crisis of customer confidence. It's important to remember that these problems can arise anywhere in your organization.

Let me give you just one example, though I'm certain that all of us could think of others. E.F. Hutton was once among the leading firms in the securities industry. When E.F. Hutton talked, everyone listened. Unfortunately, however, when E.F. Hutton pled guilty to several thousand counts of mail and wire fraud in a check-kiting scheme, investors were stunned. Today, E.F. Hutton is no more, and the disastrous loss of investor confidence following its conviction played an important role in its fall.

Protecting your firm's reputation from these kinds of mistakes is critical. Good compliance practices are, and always will be, an important part of a securities firm's day-to-day activities. Whether you are in your firm's compliance or legal department or on the business side, you play an important role.

But it's not easy. Every day you're faced with challenges, and every day you must stand up and do what's right. To stand up and do what's right -- that's called integrity. Chairman Pitt, in a speech last week to the Securities Industry Association's Legal and Compliance Division, described integrity in this way. He said that:

"Integrity must start in your office. [Quoting from Stephen Carter's "Integrity," he said that] 'Integrity is like the weather: everybody talks about it but nobody knows what to do about it. Integrity is that stuff we always say we want more of.' So what do we mean when we talk about integrity? Carter's definition is a great starting point. He writes, 'Integrity… requires three steps: (1) discerning what is right and what is wrong; (2) acting on what you have discerned, even at personal cost; and (3) saying openly that you are acting on your understanding of right from wrong.'"

This three-step process -- discerning right from wrong, acting on it, and saying it publicly -- isn't that what you must do every day? Don't you make decisions that involve the interests of your customers every day? Decisions about for example, how to resolve a customer's complaint, how to handle the pricing of a security for net capital purposes or as part of a calculation of NAV, how to handle mistakes or errors by employees -- there are a myriad of everyday decisions that must be made that involve the interests of your customers. I suggest that it is in these everyday decisions that you implement integrity. Behind closed doors, in private, outside the public's view, in running a business every day, you implement your integrity.

One cannot underestimate the difficulty of this -- in making some decisions, it may be easier, more expedient, less painful even, to make choices that resolve the matter, but that may not be wholly in the interests of your customer. And, in seeking to do what's right, you may find resistance from others within your firm. In accepting an award for his career achievements from the Securities Industry Association's Legal and Compliance Division, Stephen L. Hammerman, the retiring Executive President and General Counsel of Merrill Lynch, described the resistance you may encounter. He said that you may hear statements like:

"You're killing my business. The other (Brand X) firms let their people do it;"

"If we don't do this type of business we might as well be out of business;" or

"Thanks for your advice, but it's a business decision to hire the bum, sell this product, or enter into this questionable transaction."

He said that when you hear these phrases, get ready, because experience should teach us that -

"The other firm generally does not do it, including firm Brand X;"

"You are better off being out of business than being indicted while in it;" and

"It is not a business unit's decision to destroy or even harm the reputation of your firm."

Mr. Hammerman is clearly right on when he says that no one's personal bottom line is more important than the reputation of the firm.

I suggest that, in times like this, even when you encounter resistance, this is when integrity kicks in. In these moments, you must be guided by what's right. And, what may be technically legal, within the narrow confines or proscriptions of the law may not always be what's right. I have always thought that the best test that you have done what's right, is whether you would be entirely comfortable having it described on the front page of the New York Times! Doing what's right will in all instances be what's best for your customer, and what's best for your customer is what's best for firms who are in the business to meet the needs of their customers.

One fundamental way that you can protect your firm and your franchise is by ensuring that your compliance and your internal controls are top-notch. These controls must be designed to deter and detect problems. Then, once problems are detected, they must be corrected promptly, and as I said, problems must be corrected in ways that are in the best interests of your customers.

If good compliance and internal controls are critical to a firm's lifeblood, how do you ensure that you've implemented a sound infrastructure? You must be proactive. You must periodically review your systems and controls and people to ensure that they are top-notch. Hire the best people. Instill in them a mission of integrity and a culture of doing what's right. Create a working environment in which it is clear that violative behavior is not tolerated. Talk the talk, but walk the walk. You must speak about, then actually do what's right. Then, test your systems periodically to make sure they're working. And, investigate new ways of ensuring compliance. In particular, keep abreast of all the new developments in compliance technology. I have seen proof, in my life as an examiner, that investing in technology can really improve compliance controls, and can be enormously cost-effective in the long run.

And you must accord your compliance system with adequate resources to do the job, and to do it right. As I have often said, in good times and bad, it's not in firms' interest to skimp on compliance. Chairman Pitt cautioned firms about just this last week, when he said that he was concerned about:

"…the fate of legal and compliance personnel in firms trying to cut costs and improve the bottom line results. There is often a temptation to cut back, or skimp, on compliance assurance, on the theory that compliance and legal staff do not increase the bottom line. That view, of course, is terribly mistaken. Compliance and legal staff contribute to the bottom line in the most important way possible -- they assure that their firms retain and improve their reputation, thus allowing their firms not only to remain in business but to continue to thrive in this unpredictable milieu. Cutting back on compliance is a sure-fire prescription for disaster and the erosion of public confidence."

I could not agree more. Now is not the time to shortcut, or skimp on compliance controls.

The SEC's Examination Program

Let me spend a bit of time talking about SEC examinations and our role in fostering proactive compliance. We very much view our role in the public sector as working to foster private sector compliance. At the most fundamental level, we have a common mission -- we both want to ensure that the compliance function is strong, well resourced, respected within the firm and able to do its job.

As SEC examiners, we look for weaknesses and violations. To be sure, we often find problems of varying degrees, ranging from record-keeping weaknesses, all the way up to significant conflicts of interest, frauds and manipulations. Remember, our mission is to protect investors, and the examination process is one of the ways we do this. But the examination process accomplishes something else, something we hope that you consider valuable. It helps you to identify potential weaknesses in your compliance practices, and in so doing, helps you to strengthen your compliance program. I also hope that we help educate your management about the need for a top quality compliance program.

One of our primary goals is to get problems fixed quickly, and we think that this should be your goal too. We strongly believe that one function of our examinations is to provide you with information you need to make changes and fix problems. Even small problems, if left incorrected, can blossom into large problems. When we find problems in our exams, it is now our policy to hold exit interviews with the firm. During the exit interview, examiners will outline their tentative conclusions about the problems they have found, before they send a deficiency letter. The goal of this new policy is to provide you with information about problems we have discerned as quickly as possible so that you can take immediate steps to correct problems. Ideally, you will have corrected all problems identified, and implemented measures to ensure that the problems don't reoccur, even before you receive our deficiency letter. Investors are better protected and served if you and we direct immediate attention to fixing problems.

We will do all we can to provide you with information to assist you in fixing problems, even when the problems are serious. In years past, when we found that serious problems warranted an enforcement referral, we sometimes did not provide the firm with a deficiency letter. Now, even when we think the Division of Enforcement or a self-regulatory organization may be interested in conducting further inquiries, we will send you a deficiency letter. We will no longer wait to inform you of problems until after our enforcement staff have completed their investigation. We want you to have an opportunity to fix the problems we found immediately. The exceptions to this policy are few -- generally situations where we believe that documents may be destroyed or investors' funds may be depleted. Again, we think that the best interests of investors are served by getting problems fixed quickly.

We can foster compliance, but we're obviously not on the scene all of the time. But you are. You are there, on the spot, when things go wrong. And when things do go wrong, and you discover problems, we want to encourage you to talk to us -- sooner rather than later. Our philosophy, as I've outlined here today, is that problems should be detected and corrected quickly, and in ways that benefit and protect investors. We want to help you to resolve problems. That's why the Commission recently made clear our policy on cooperating with the Commission in a recent Section 21(a) report, In the Matter of Gisela de Leon-Meredith [Release No. 34-44969]. This report clearly outlines the benefits of cooperating with the Commission by taking steps to protect investors, making them whole on any losses, and assisting the Commission in resolving difficult problems.

We also expect cooperation and candor in the examination process. Most firms in the securities industry view examinations as a part of doing business -- not as an intrusion but as a healthy check on operations. If you view examinations in this way at the outset, and communicate this view to your staff, it's likely that the exam is going to go smoothly. It's terribly important that you ensure that you are providing information promptly and completely, and that you are open and honest with examiners. On our part, as I said, we'll be forthcoming with you about any problems we see. Our goal is to establish a relationship of professional cooperation at all times.

Finally, since this is a gathering that includes all securities regulators (state, SRO, and federal), let me say something about cooperation among regulators. Under our system of functional regulation, firms in the securities business may be regulated and examined by more than one regulator. In fact, I'm betting that all of you in this room have been examined by more than one regulator, right? Functional regulation ensures that an expert regulator oversees different aspects of securities activity. For example, options, listed and OTC equities trading by broker-dealers is overseen by the relevant exchanges. State securities regulators play an important role in ensuring that sales practices to citizens within the state are appropriate. Larger advisers and funds are directly overseen by the SEC, and smaller advisers by the state securities regulators.

It's clear that with this system of several expert regulators -- regulators must cooperate and coordinate examination oversight -- and we do. Each year securities regulators hold an annual "Examination Planning Summit Meeting" to discuss examination priorities, areas of focus, common examination findings and trends. We share information that allows us to ensure that we're using scarce government resources appropriately. The SROs also have a program in which, at the request of a firm, they will coordinate and conduct examinations of that firm simultaneously. Some firms prefer to have all regulators in at once; others prefer that different types of examinations be conducted separately. Whatever the preference, the SROs will accommodate the firm. In addition, each state securities regulator, NASDR District office and regional or district office of the SEC meet semi-annually to discuss firms and issues in their area. This provides opportunities to exchange regulatory intelligence and information. Finally, securities regulators also conduct joint training programs for examiners -- which helps to further examiner expertise and instill consistency in approach. So, as you can see, we work hard at coordinating our examinations to reduce, as much as possible, any unnecessary overlap or duplication in our responsibilities.

*   *   *

Let me conclude by wishing you a wonderful conference today, and expressing my hope that you now know me a little better. I hope too that as regulators, we can hear from you about the compliance challenges and issues you face, and what we can do together to further meet the needs of investors.

Thank you.